评论 0

happmaoo你好，我的remnode被暂停了，怎么办啊、
Hello,
Please see the abuse report below and reply back with your solution at your earliest availability.
________________________________________________________________________________
Hello,
This is a notification of suspected botnet computers sending spam.
On September 01, 2015, a total of 1 IP addresses from your networks tried
to send spam to my server without permission. As they could not get past
greylisting (due to their lack of retries after getting temporary failures),
they are suspected to be compromised botnet computers.
The connection log is included below for your reference. Each line lists the
date, time, time zone, attacker IP, attacker's network name (as found in
WHOIS), local IP, and local TCP port number of a spam attempt. To prevent
this mail from getting too big in size, only 5 spam attempts from each
attacker IP are included.
If you regularly collect IP traffic information of your network, you will see
the IPs listed connected to TCP port 25 of local IP at the time logged, and
I suspect that they also connected to TCP port 25 of many other IPs.
Please notify the owners of those botnet computers so that they can take
appropriate action to clean their computers, before even more severe incidents,
like data leakage, DDoS, and the rumored NSA spying through hijacked botnets,
arise. This also helps prevent botnets from taking up your network bandwidth.
Full internet email headers of spam attempts from those IPs, as logged on
local IP which they tried to abuse, is also included below for your reference.
Chih-Cherng Chin
Daily Botnet Statistics
http://botnet-tracker.blogspot.com/
*** Cyber Security Open Data:
*** Browse http://botnet-tracker.blogspot.com/search/label/suspected%20bots%20ip
*** follow the link within posts to download IP lists of suspected
*** infected computers. Use them to create more effective defenses,
*** discover latest trends of cyber attacks, etc.
---- connection log (time zone is UTC; sent to [email protected]) ----
date => time => TZ => attacker IP => network name => local IP => local TCP port#
-------------------------------------------------------------------------------
2015-09-01 20:57:48 UTC 23.226.231.149 RAMNODE-6 104.194.82.20 25
---- internet email headers ----
Received: from [23.226.231.149] (helo=104.194.82.20)
by mta104.digitv.twbbs.org with smtp (Exim 4.85)
(envelope-from )
id 1ZWscl-0003pD-Km; Tue, 01 Sep 2015 20:57:48 +0000
Message-ID:
From: "褐藻糖膠"
Reply-To: "褐藻糖膠"
To: [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: 免費試用，沖繩「褐藻糖膠」為世界認定的頂級營養保健抗癌食品，技術領先，幫您{藻}回健康100%日本製零污染，填寫索取試用，加送精美健康手冊，或免費來電索取:0800-888-990--褐藻糖膠
Date: Tue, 01 Sep 2015 21:52:47 +0100
X-Mailer: Microsoft Outlook, Build 10.0.2616
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="--4611636548512924"
X-Priority: 3
X-MSMail-Priority: Normal
________________________________________________________________________________
If you have any further questions please do not hesitate to reply.
Regards,
George T.
---
Skype: RamNode
Twitter: @RamNode
Network Status: @NodeStatus
IRC: http://bit.ly/1gs3m5u
----------------------------------------------
Ticket ID: #605652
Subject: Abuse Report - 23.226.231.149
Status: Abuse
Ticket URL: https://clientarea.ramnode.com/viewticket.php?tid=605652&c=njWZo5dq
---------------------------------------------- 4年前 (2015-09-03)回复